authToken property
End-user JWT (or equivalent bearer token) forwarded to the bot backend on every chat request so authenticated downstream tools can attribute calls to the right account.
Use this when the host app has its own identity layer and the bot
needs to call a backend API that requires that user's auth — e.g.
AI Nail's /api/nail/* endpoints, where design_save must
attach to the calling user's library, tryon_start to their
hand photo, etc.
The token is sent only in-flight, never persisted by widget_chat.
Read-side rotation is on the host: a new token here on the next
updateConfiguration reaches every subsequent request. Pass
null (the default) when the bot has no authenticated tools.
Backend-side handling is described in
flutterbot_api/chat_api/tools/api_executor.py — the token lands
as Authorization: Bearer <token>, never overrides a tool's own
service-account header, and is redacted from ToolExecution rows.
Implementation
Map<String, dynamic>? get userContext;/// End-user JWT (or equivalent bearer token) forwarded to the bot
/// backend on every chat request so authenticated downstream tools
/// can attribute calls to the right account.
///
/// Use this when the host app has its own identity layer and the bot
/// needs to call a backend API that requires that user's auth — e.g.
/// AI Nail's `/api/nail/*` endpoints, where ``design_save`` must
/// attach to the calling user's library, ``tryon_start`` to their
/// hand photo, etc.
///
/// The token is sent only in-flight, never persisted by widget_chat.
/// Read-side rotation is on the host: a new token here on the next
/// `updateConfiguration` reaches every subsequent request. Pass
/// ``null`` (the default) when the bot has no authenticated tools.
///
/// Backend-side handling is described in
/// `flutterbot_api/chat_api/tools/api_executor.py` — the token lands
/// as `Authorization: Bearer <token>`, never overrides a tool's own
/// service-account header, and is redacted from ToolExecution rows.
String? get authToken;